Find information:

[6-20]Software Security Problems and Solutions...


Title: Software Security Problems and Solutions: A Stony Brook Perspective

Speaker: Prof. Tzi-cker Chiueh (ECSL of Stony Brook University)

Time: 2:30 pm, June 20

Venue: Lecture room, Level 5 Building #5, ISCAS


Many of today’s network/computer security problems are due to defects in software implementations. Over the last several years, we have been working on  a wide array of program transformation approaches to solve the software security problem. The overarching goal of these projects is to build a compiler that can transform arbitrary application programs in such a way that eliminates all known security vulnerabilities.
Today this goal is largely achieved. In this talk, I will describe our efforts to detect/prevent attacks that exploit software bugs with and without access to the applications’ source code, and how to isolate "attacker-friendly" applications to protect systems resources. Then I will present the concept of "repairable system" that includes techniques to automate attack signature and patch generation to stop fast-spreading worms, to quickly repair compromised information systems while minimizing collateral damage, and to efficiently maintain enough information for digital forensics.



Dr. Tzi-cker Chiueh is a Professor at the Computer Science Department of Stony Brook University, and currently directs the Core Research group at Symantec Research Labs. He received his B.S. in EE from National Taiwan University, M.S. in CS from Stanford University, and Ph.D. in CS from University of California at Berkeley in 1984, 1988, and 1992, respectively. He received an NSF CAREER award in 1995, an IEEE Hot Interconnect Best Paper award in 1999, a 2004 Long Island Software Award and a Best Paper Award from the 21st Computer Security Applications Conference (ACSAC 2005), the 8th International Symposium on Systems and Information Security (SSI 2006), the 3rd International Symposium on Information Assurance and Security (IAS 2007), and the 24th International Conference on Data Engineering (ICDE 2008). Dr. Chiueh has published over 160 technical papers in refereed conferences and journals. His current research interest lies in computer security, storage systems and wireless networking.



Prof. Chiueh also wants to recruit PH.D students and Postdocs in ISCAS. If you are Interested in the positions, please send resume to, and you can also talk directly with Prof. Chiueh after his lecture.